The safety of business content is a top priority for every company. Especially at a time when data breaches and other cyberattacks threaten the stability of our systems, protecting our data is an essential corporate function. 

Content must be a key part of every company’s security framework. In addition to the potential theft of valuable and private information stored within your content repositories, data breaches and other forms of cyberattacks create additional risks. When security policies don’t adhere to the requirements of compliance frameworks, audits can leave companies with fines and restrictive penalties. Damage to company reputation and the risk of customer flight are also key concerns.  And perhaps, most importantly, there is the regret of having let down customers who have trusted your company with their data and content.

The threat next door

External cyberattacks get a lot of the attention, but insider threats are just as dangerous. In 2019, insiders, whether malicious or negligent, accounted for 34% of all data breaches. In some industries, such as healthcare, this number is as high as 60%. Because insiders, by definition, are trusted parties, internal attacks and accidental leaks can mimic normal behavior and usage patterns and are therefore difficult to detect. 

If an employee leaves or is terminated by the company and is not immediately removed from the organization’s LDAP or Active Directory, they can—in a very short time—do massive damage, including:

  • Downloading terabytes, or even petabytes, of valuable intellectual property.
  • Stealing the protected, personally identifiable information (PII) of customers.
  • Deleting valuable files, directories, and even entire drives of data without which the company cannot conduct day-to-day operations.
  • Enabling a third party to impersonate a terminated/departed employee.

Terminated/departed employees are not the only threat. Many IT departments have no dedicated system logic—or even a human-directed effort—to spot-check the patterns of unusual or dangerous activity described above being carried out by employees in good standing in the organization.

Security from the inside-out

Egnyte’s platform brings immediate security improvements to minimize the risk of internal and external threats to content by weaving content intelligence and data governance into every layer of the file sharing and collaboration architecture. In Egnyte, user authentication via two-step verification and encryption of data and content—both in transit and at rest—help secure the content environment at a foundational level. Egnyte offers granular sub-folder permissions in addition to admin-level policies and continuous monitoring to ensure that only the right people have access to the right content. 

In the event that a trusted user begins exhibiting suspicious behavior, the Egnyte Platform is continuously monitoring for unusual activity, such as mass file downloads or deletions. It then alerts admins to the anomaly and enables rapid account de-activation. Egnyte’s content safeguards prevent accidental insider leaks by using smart classification policies to prevent sensitive data from leaving the environment.

As more workers become remote, data security is less centralized and less tied to physical infrastructure, which will require more focus on user behavior and controlling how sensitive data moves through the system. Egnyte’s intelligence-driven approach to mitigating insider threats is built for the cloud-first world, applying smart controls closest to the content and the users that rely on it. 

Photo by Uriel Soberanes on Unsplash

There are no comments.

Leave a Reply